Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8193046

Difficult to change built-in password for JDK 9 cacerts store

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P3
    • Resolution: Duplicate
    • Affects Version/s: 9.0.1
    • Fix Version/s: None
    • Component/s: security-libs
    • Labels:

      Description

      Changing the password on cacerts file

      We use the Oracle distributed cacerts file in our software after changing its
      default password. We simply copy the cacerts file as distributed in the JDK
      and use the following command (which had worked for many release of Java)

      # keytool -storepasswd -new <new password> -keystore ./cacerts -storepass
      changeit

      Using Java 9 version:
      java version "9.0.1"
      Java(TM) SE Runtime Environment (build 9.0.1+11)
      Java HotSpot(TM) 64-Bit Server VM (build 9.0.1+11, mixed mode)

      We now get this warning:
      Warning: Different store and key passwords not supported for PKCS12
      KeyStores. Ignoring user-specified -new value.

      Following the lead with this warning message, we tried to modify both store
      and key passwords using this command:

      # keytool -storepasswd -new <new password> -keystore ./cacerts -storepass
      changeit -keypasswd -new <new password> -keypass changeit

      But we get this error message upon trying that:
      keytool error: java.lang.UnsupportedOperationException: -keypasswd commands
      not supported if -storetype is PKCS12

      What is the exact command syntax for changing the built-in password?

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                weijun Weijun Wang
                Reporter:
                shadowbug Shadow Bug
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: